Wannie » Dear Dan, Pls ask police to lo
manja2369 » nice n cool place.... miss it 
RAO » MORNING TO EVERYBODY,MY NAME I
admin » Hi Ali,
Head North to Surat
Henny » How could you customise wp_lis
ALI » Hi, we are living in kl and wo
Tom Harrison » Thank you. I googled this and
manoj kumar bardhan » Thank you,
But I have this 
anggie » how bout this site
global-expc
Rob Crow » resident of S.w. Fl We lost e
Ankit » Thanks...it's greats...
John Tate » Hi, You can convert your files
Lhen » My first baby has G6PD too.. I
kharen » hi thess..
san po kau nakabli
Home
HYGEN Web Design
326 commentsOSCommerce Password Encryption
January 2nd, 2009 | by admin |
To integrate OSCommerce to an existing web application you will need to know how to add passwords to the OSCommerce customers database. You can use the function below to encrypt the passwords in a compatible manner…
function tep_encrypt_password($plain) {
$password = ”;for ($i=0; $i<10; $i++) {
$password .= tep_rand();
}$salt = substr(md5($password), 0, 2);
$password = md5($salt . $plain) . ‘:’ . $salt;
return $password;
}
You will also need this function -
function tep_rand($min = null, $max = null) {
static $seeded;
if (!isset($seeded)) {
mt_srand((double)microtime()*1000000);
$seeded = true;
}
if (isset($min) && isset($max)) {
if ($min >= $max) {
return $min;
}else{
return mt_rand($min, $max);
}
}else{
return mt_rand();
}
}
Looking at the customers table you can see what other data you need to save when users register at your site…
mysql> describe customers;
+——————————+————-+——+—–+———————
+—————-+
| Field | Type | Null | Key | Default
| Extra |
+——————————+————-+——+—–+———————
+—————-+
| customers_id | int(11) | NO | PRI | NULL
| auto_increment |
| customers_gender | char(1) | NO | |
| |
| customers_firstname | varchar(32) | NO | |
| |
| customers_lastname | varchar(32) | NO | |
| |
| customers_dob | datetime | NO | | 0000-00-00 00:00:00
| |
| customers_email_address | varchar(96) | NO | MUL |
| |
| customers_default_address_id | int(11) | YES | | NULL
| |
| customers_telephone | varchar(32) | NO | |
| |
| customers_fax | varchar(32) | YES | | NULL
| |
| customers_password | varchar(40) | NO | |
| |
| customers_newsletter | char(1) | YES | | NULL
| |
+——————————+————-+——+—–+———————
+—————-+
11 rows in set (0.00 sec)
January 26th, 2012 at 2:55 am
Hi Jordi,
Not looked at this for a long time but I guess one of two things happen…
1) User enters login details and they are sent in plan text – OS Commerce then passes the password throuh these methods and compares to the password in the database for the user.
Or
2) OS Commerce has some javascript that encodes the password before it is sent over the network. OS Comerce then compares this password hash with the one in the database.
I’m not sure if it does 1 or 2 but you can use firebug to see what is getting posted to oscommerce upon login. Also checkout the code in os commerce that processes logins.
Sorry if I couldn’t be more useful… this is an old post!
Dan
January 23rd, 2012 at 10:43 am
Hi Dan,
Thanks for this functions. I have a problem. Using the function tep_rand() for generate the password, how I get the same tep_rand() code when user makes a login. Oscomemrce save this generated string in any place??? Thanks!!!
$salt = substr(md5($password), 0, 2);